Great tips on improving ssh settings

I am currently reading “Ansible: Up and Running” and it pointed to several improvements I could do on my ssh settings. Also thanks to and OpenSSH Wikibooks.


Host *
  ControlPath /tmp/control-%r@%h:%p
  ControlMaster auto
  ControlPersist 10m

Generate separate known hosts file for your local domain:

Host *
    UserKnownHostsFile ~/.ssh/generated_known_hosts
    StrictHostKeyChecking yes

Sane global defaults:

HashKnownHosts no
Host *
    GSSAPIAuthentication no
    ForwardAgent no

Notify new ssh connections:

Host *
    PermitLocalCommand yes
    LocalCommand /home/user/bin/ %h

Setup host forward ports:

  LocalForward 1234


  ProxyCommand none
Host *
  ProxyCommand ssh nc -q0 %h %p

–or– ProxyCommand ssh -W %h:%p

Keep it Alive:

ServerAliveInterval 30
ServerAliveCountMax 4

